Re: [TLS] TLS 1.3 - Support for compression to be removed

Tony Arcieri <bascule@gmail.com> Tue, 22 September 2015 16:23 UTC

Return-Path: <bascule@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 634631B2BC8 for <tls@ietfa.amsl.com>; Tue, 22 Sep 2015 09:23:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AcefKTMdJsqx for <tls@ietfa.amsl.com>; Tue, 22 Sep 2015 09:23:37 -0700 (PDT)
Received: from mail-vk0-x22b.google.com (mail-vk0-x22b.google.com [IPv6:2607:f8b0:400c:c05::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C09381B2BC7 for <tls@ietf.org>; Tue, 22 Sep 2015 09:23:36 -0700 (PDT)
Received: by vkhf67 with SMTP id f67so9988352vkh.1 for <tls@ietf.org>; Tue, 22 Sep 2015 09:23:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=5rAzopzTNRGQzXZLVCTRgmILrwj9S1wvGW0K2/U2HMk=; b=BCbZuqmg3RKm1l7Rr47JeUc4d9hke0GEOZbOtMAL5QTekLd2b6P/8X9bUSTSIwnoya ivD3ivZX6YRVS/aqUzUUMCkDhRGDePTBQbb1Xl7XK7HP3B8ZL0R/pAQ2RUrtpOjGUcpU j4iGPdGdysZSV6CJH6lOvr4Jf1eGNCcZtQIgaI1IzGO4GgjuQFo965Yvjf13QDziJwXg AIqRPwCq3nYPTJn9FGtI3gWtorbXy5nKXSZnBjE8YH+hrqF5oCXkVh9L8qBhJSnVxUzv DHrcG7aAGOjVgAB38skVJkshZIAdge6XfEg78gsClBOjF0RhyYKbxLZ097b5nOx96Ta3 oAdg==
X-Received: by 10.31.33.134 with SMTP id h128mr16468742vkh.138.1442939015915; Tue, 22 Sep 2015 09:23:35 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.103.18.65 with HTTP; Tue, 22 Sep 2015 09:23:16 -0700 (PDT)
In-Reply-To: <20150922132321.17789008.2591.24358@ll.mit.edu>
References: <20150922132321.17789008.2591.24358@ll.mit.edu>
From: Tony Arcieri <bascule@gmail.com>
Date: Tue, 22 Sep 2015 09:23:16 -0700
Message-ID: <CAHOTMV+riEzyYQcDfh4mMRokivCD_6T=ErTKF+BP41xABWEG8A@mail.gmail.com>
To: "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>
Content-Type: multipart/alternative; boundary="001a11466bfc79efa60520586bfa"
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/9FAl6VGOC1NYvTbWmviZ88SPRac>
Cc: Simon Josefsson <simon@josefsson.org>, "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] TLS 1.3 - Support for compression to be removed
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Sep 2015 16:23:39 -0000

On Tue, Sep 22, 2015 at 6:23 AM, Blumenthal, Uri - 0553 - MITLL <
uri@ll.mit.edu> wrote:

> Also, if compression is moved from TLS to upper layer(s) - how would it
> mitigate compression-related attacks? Besides "now it's somebody else's
> problem"?


This is the wrong way of looking at it. Keeping compression in TLS endorses
unsafe usage of a feature known to introduce compression sidechannels.

Whether other protocols decide to introduce their own secondary compression
layer is their own prerogative. But an unsafe feature shouldn't be kept in
TLS just because some protocols want to do unsafe things and are too lazy
to implement their own compression.

-- 
Tony Arcieri